Patch Tuesday Will Be Biggest Ever with 13 Bulletins
The patches cover Office, SQL Server, Internet Explorer, and Microsoft developer tools, as well as all currently supported versions of Windows, including the yet-to-be released Windows 7. The previous largest Patch Tuesdays were 12 bulletins in October 2008 and November 2007.
Avoiding IT Headaches
"Microsoft is releasing a heavy load of patches to organizations next Tuesday with eight critical and five important vulnerabilities," said Paul Zimski, vice president of market strategy for Lumension. "Overall, the advanced bulletin from Microsoft further illustrates the importance of a strong patching solution, as IT administrators will spend a lot of extra time patching this month if they don't have a proper process in place."
Zimski pointed to several standout bulletins coming Tuesday. One he highlighted is Bulletin 13, which is labeled as critical. Zimski said this bulletin raises a red flag because it affects a large number of operating systems, core services, and applications.
"It is most likely a low-level vulnerability shared within the operating system itself that needs to be fixed," Zimski said. "Before deploying this patch into production environments, however, it will be important to test it vigorously to ensure services are not impacted by unexpected results."
Drive-By Malware
Bulletin 5 presents an increased threat for what is typically called drive-by malware -- which users download without understanding the consequences or browser exploitation without the user's knowledge.
Zimski sees an increased threat because the bulletin concerns the most current versions of Internet Explorer -- versions 7 and 8 -- on multiple operating-system platforms. That,...No tag for this post.
